Monday, 22 March 2021

This dangerous WordPress attack threatens millions of websites

Security researchers have uncovered a serious vulnerability in the popular Elementor WordPress website builder that can potentially allow hackers to take over any websites built using it.

Elementor claims to be used on over seven million WordPress websites. The stored cross-site scripting vulnerability was discovered by Wordfence, who develop security solutions including plugins to protect WordPress. 

“These vulnerabilities allowed any user able to access the Elementor editor, including contributors, to add JavaScript to posts. This JavaScript would be executed if the post was viewed, edited, or previewed by any other site user, and could be used to take over a site if the victim was an administrator,” explains Wordfence.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Now patched

Wordfence disclosed the vulnerability to Elementor last month, and it has since been patched. 

What made the vulnerability particularly dangerous was that it could be exploited even by someone with Contributor permissions on a WordPress website. Contributors have the least number of administrative privileges.

Wordfence discovered that several elements in the Elementor editor weren’t validated on the server side, which could allow malicious users to roll executable JavaScript to a page. When an administrator opens the post for review, the script would execute and use the high-level privileges to create a new malicious administrator account.

The researchers suggest that the solution to preventing this type of vulnerability is to enforce a list of allowed HTML tags on the server side, rather than just on the client side. “Indeed, this is the approach the patched version uses to correct the issue”, concludes Wordfence.

Via: WPTavern

https://ift.tt/3f0LNRH

No comments:

Post a Comment